IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
With apologies to Charlton Heston and Pierre Boule.
"You damn fools, you finally did it".
Changed default security mode to be security=user.
Yes this is a big (although small in code) change.
It's something we've been discussing for a while, to
finally wean people off the legacy security=share mode
which is *never* what you want.
Jeremy.
nmbd_incomingrequests.c: Bug fix for nmbd core dumps caused by overrun.
Found by <samuel@public.szonline.net>.
nttrans.c: More NT smb stuff.
reply.c: Unlink will overwrite an existing file. Well you learn
something new about POSIX every day. :-).
server.c: Tidyup unreadable code.
smbpasswd.c: Code to allow -U remote_username to allow ordinary
users to change remote passwords if their NT username
is different from their UNIX username.
Patch from <torbjorn.lindh@allgon.se>.
Jeremy.
password.c: Added code to tell server.c when machine password needs changing.
server.c: Change machine password in idle cycles if it needs it.
smbpassfile.c: Fixed up length calculations for machine password file.
smbpasswd.c: Moved domain joining code/machine password changing code.
lib/rpc/client/cli_netlogon.c: And this is where it now lives.
Jeremy.
function table, selectable at compile time. This should make the
code that implements all the password functions much cleaner, as
it's now very clear exactly what a particular password database
needs to provide to Samba.
Jeremy.
ldap.c: Stoped dummy_function being prototyped.
loadparm.c: Fixed slprintf sizes.
nisppass.c: Fixed safe_strcpy sizes.
nmbd_processlogon.c: Changed back to getsmb... from getsam...
nttrans.c: Just a dump of new code.
passdb.c: Moved stuff around a lot - stopped any lookups by rid. This
needs to be indirected through a function table (soon).
password.c: Changed back to getsmb... from getsam...
reply.c: Changed back to getsmb... from getsam...
slprintf.c: Fixed prototype problems.
smb.h: Fixed prototype problems.
smbpass.c: Changed to getsmbfile....
smbpasswd.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_netlog.c: Changed back to getsmb... from getsam...
lib/rpc/server/srv_samr.c: Fixed rid lookup - use uid or gid lookup.
lib/rpc/server/srv_util.c: Changed back to getsmb... from getsam...
Jeremy.
It removed all ocurrences of the following functions :
sprintf
strcpy
strcat
The replacements are slprintf, safe_strcpy and safe_strcat.
It should not be possible to use code in Samba that uses
sprintf, strcpy or strcat, only the safe_equivalents.
Once Andrew has fixed the slprintf implementation then
this code will be moved back to the 1.9.18 code stream.
Jeremy.
Makefile:
created PASSBD_OBJ group
includes.h:
added #ifdef USE_LDAP to #include <ldap> headers
ldap.c:
- renamed "_machine" to "_trust" everywhere.
- added sam_passwd support routines
- removed get_ldappwd_entry function: replaced with get_sampwd_entry
- removed getldappwnam/uid: replaced with getsampwnam/uid
- other messing about bits which are probably going to annoy the
hell out of jean-francois (sorry!)
mkproto.awk:
- added stuff to wrap ldap.c protos with #ifdef USE_LDAP
- added uid_t and gid_t return results to the prototype generation
passdb.c:
- created getsam21pwent, add_sam21pwd_entry, mod_sam21pwd_entry.
- modified getsampwnam/uid and created getsam21pwnam/rid functions
to replace the local get_smbpwd_entry() and get_ldappwd_entry()
functions, which jeremy didn't like anyway because they were
dual-purpose.
- added utility routines which are or may be useful to all the
password database routines.
password.c:
- renamed "machine_" to "trust_" everywhere.
smbpass.c:
- removed get_smbpwd_entry function: replaced it with get_sampwd_entry
functions in passdb.c
- moved code that decoded acct_ctrl into passdb.c
- moved encode_acct_ctrl into passdb.c
- removed getsmbpwnam/uid: replaced with getsampwnam/uid
- renamed "machine_" to "trust_" everywhere.
smbpasswd.c:
- renamed "machine_" to "trust_" everywhere.
util.c:
- moved gethexpwd function into passdb.c
lib/rpc/server/srv_util.c:
- moved user_rid_to_uid, group_rid_to_rid etc etc into passdb.c
everywhere. I've implemented slprintf() as a bounds checked sprintf()
using mprotect() and a non-writeable page.
This should prevent any sprintf based security holes.
passwords to be stored over time, allowing a smbpasswd file migration.
Adds new parameter "update encrypted".
Will also add to 1.9.18 branch.
Docs update to follow.
Jeremy.
It is changing the global variables "myname" and "myworkgroup"
to "global_myname" and "global_myworkgroup" respectively.
This is to make it very explicit when we are messing
with a global (don't ask - it makes the domain client
code much clearer :-).
Jeremy.
password.c: Changed global cli -> pw_cli, removed strtok (bad strtok, bad :-)
use in security=server, started to extend security=domain code.
smbpasswd.c: Removed rap error code functions.
Jeremy.
smbpass.c: Added lock depth code so calls to pw_file_lock() can be nested.
Fixed codedump problems in add_smbpwd_entry().
smbpasswd.c: Removed all the code that manipulated the password file
directly. Now *all* smbpasswd file changes are done through
the interfaces defined in smbpass.c This should make
the life of people adding alternate backend databases
*much* easier.
lib/rpc/server/srv_netlog.c: Removed debug messages used to debug
machine password changing.
Jeremy.
smbdes.c: Added cred_hash3.
smbpasswd.c: Fixes for adding a machine account (needs more work).
lib/rpc/server/srv_netlog.c: Turn on the machine password changing
code by default (calls cred_hash3).
Jeremy.
nmbd.c: Fix for always overwriting log despite append setting.
smb.h: Addition of last time password changed entry to account info.
smbpass.c: Changes to support last time changed field in smbpasswd file.
smbpasswd.c: Changes to support last time changed field in smbpasswd file.
util.c: Fix for always overwriting log despite append setting.
Jeremy.
get_smbpwd_entry (now an internal function to smbpass.c)
to a more UNIX-like :
getsmbpwnam() - get entry by name.
getsmbpwuid() - get entry by uid.
Changed the type returned by the smbpasswd enumeration
functions to be a void * so that people don't come to
depend on it being a FILE *.
These abstractions should make it much easier to
replace the smbpasswd file with a better backend
in future.
Other files changed are to match the above changes.
Jeremy.
quotas.c: Linux quota fix.
util.c: Ensure smb_read_error is zero in all calls that can set it.
lib/rpc/include/rpc_misc.h lib/rpc/include/rpc_netlogon.h
lib/rpc/parse/parse_misc.c lib/rpc/parse/parse_net.c
lib/rpc/server/srv_netlog.c : Modify Luke's code to call
SamOEMhash().
Jeremy.
Changed smbpasswd to be client-server for a normal user, rather
than accessing the private/smbpasswd file directly (it still accesses
this file directly when run as root, so root can add users/change a
users password without knowing the old password).
A shakeout of this change is that smbpasswd can now be used to
change a users password on a remote NT machine (yep - you heard
that one right - we can now change a NT password from UNIX !!!!!).
Jeremy.
all I saw" - the book of Jeremy, chapter 1 :-).
So here is the mega-merge of the NTDOM branch server code.
It doesn't include the new client side pieces, we'll look
at that later.
This should give the same functionality, server wise, as
the NTDOM branch does, only merged into the main branch.
Any fixes to domain controler functionality should be
added to the main branch, not the NTDOM branch.
This code compiles without warnings on gcc2.8, but will
need further testing before we are sure all the working
functionality of the NTDOM server branch has been
correctly carried over.
I hereby declare the server side of the NTDOM branch
dead (and all who sail in her :-).
Jeremy.
Luke, when you don't know what has been changed in the CVS tree I
highly recommend you point your browser at:
http://samba.anu.edu.au/cgi-bin/cvsweb/samba/source
If you click on a filename you can then see all the commits and
changes that have been made to it over time. You can also download any
version of the file or find the differences between any two versions.
All of this is not dependent on the state of your local CVS sandbox,
so it can be used to find out the "true" state of the tree at any
time.
If you suspect some sort of CVS problem (like a change getting
reverted) then please use the above URL to work out what has
happened. You should be able to see exactly who made what changes and
when.
debugging output wasn't (still isn't) perfect.
credentials.c lsaparse.c smbparse.c :
added DEBUG strings.
pipes.c :
lost some changes, to do with setup of RPC headers. arg.
- change the way the smbpasswd file is auto-created if it doesn't
exist. It didn't work under IRIX for some unknown reason
The smbpasswd.c code is really a bit of a mess. We should probably
rewrite it sometime.
1) put the encryption code in by default, with no #ifdef. It is still
disabled by default so you need to add "encrypt passwords = yes" in
smb.conf but at least all binaries will have it.
2) cleanup the kanji code so it compiles with no warnings
3) get rid of lots of uses of ugly non-portable C code. The main
offender being things like "register" but also remove uses of the
"const" keyword as there are compilers out there that don't support it
and even those that do often complain about its usage. Users don't
like warnings :-(
There is still some work to do. We need to replace the md4 code with
our own implementation. The current code (from rfc1186) is PD but is
not very portable. The new RFC (rfc1320) is more portable but adds
copyright restrictions. I'll do a from-scratch MD4 soon.
We also need to test that what I've implemented is portable. It should
be, but I'm too tired right now to test it on anything other than
intel linux.
includes.h: Changed for HPUX10 tidyup.
ipc.c: Fixed bug where getting local server list from NT browsers would
fail.
nmbsync.c: Fixed bug where getting local server list from NT browsers would
fail.
proto.h: Changed for crash bug on SCO with USE_MMAP.
quotas.c: Added OSF quotas (patch from Bret Giddings <bret@essex.ac.uk>).
Rolled back solaris uid change - I think it was wrong.
reply.c: Changed for crash bug on SCO with USE_MMAP.
server.c: Removed Lukes changes. Changed for crash bug on SCO with USE_MMAP.
smb.h: Changed for crash bug on SCO with USE_MMAP.
smbpasswd.c:Fixed crash bug with Lukes changes.
uid.c: Removed Lukes changes.
util.c: Fixed I18N bug with extended char filenames and widelinks = no.
Jeremy (jallison@whistle.com)
two sets of operation:
as root: specify username password.
as user: specify old password new password
this will allow shell scripts (like adduser) to include smbpasswd.
lkcl
a codepage_initialise(). Fixes problem with initialising dos map
twice.
charset.h: Changes to support charset changes.
client.c: Changes to support charset changes.
loadparm.c: follow symlinks parameter from David Clerc <David.Clerc@cui.unige.ch>
nmbd.c: Changes to support charset changes.
nmblookup.c:Changes to support charset changes.
proto.h: Changes to support charset changes.
reply.c: Don't call security=server with no user/no password guest. Fix from
Stefaan A Eeckels <Stefaan.Eeckels@ecc.lu>
server.c: follow symlinks code from David Clerc <David.Clerc@cui.unige.ch>
smbpasswd.c:Changes to support charset changes.
status.c: Changes to support charset changes.
testparm.c: Changes to support charset changes.
testprns.c: Changes to support charset changes.
uid.c: Fixed log message with no \n.
Jeremy (jallison@whistle.com)
Wed May 7 1997: Update for 1.9.17alpha1 release - 'browsefix release'
designed to make browsing across subnets work.
byteorder.h: Updated copyright to 1997.
charcnv.c: Updated copyright to 1997.
charset.c Updated copyright to 1997.
charset.h Updated copyright to 1997.
client.c Updated copyright to 1997.
clientutil.c Updated copyright to 1997.
dir.c Updated copyright to 1997.
fault.c Updated copyright to 1997.
includes.h Updated copyright to 1997.
interface.c Updated copyright to 1997.
ipc.c Updated copyright to 1997.
kanji.c Updated copyright to 1997.
kanji.h Updated copyright to 1997.
loadparm.c Updated copyright to 1997.
locking.c Updated copyright to 1997.
mangle.c Updated copyright to 1997.
message.c Updated copyright to 1997.
nameannounce.c
Made use of WINS subnet explicit.
Added reset_announce_timer() so announcement
can be made immediately when we become a master.
Expanded code to do sync with dmb.
namebrowse.c
Removed redundent checks for AM_MASTER in
sync code. Made use of WINS subnet explicit.
namedbname.c Made use of WINS subnet explicit.
namedbresp.c Made use of WINS subnet explicit.
namedbserver.c Made use of WINS subnet explicit.
namedbsubnet.c
Explicitly add workgroup to WINS subnet
when we become a dmb. Made use of WINS subnet explicit.
namedbwork.c
Made use of WINS subnet explicit. Removed
redundent check_work_servertype() function.
nameelect.c
Explicitly add workgroup to WINS subnet
when we become a master browser. Made use of WINS subnet explicit.
namelogon.c Updated copyright to 1997.
namepacket.c Updated copyright to 1997.
namequery.c Updated copyright to 1997.
nameresp.c
Made use of WINS subnet explicit. Made nmbd fail if
configured as master browser and one exists already.
nameserv.c
Made use of WINS subnet explicit. Remove redundent
logon server and domain master code.
nameserv.h Add emumerate subnet macros.
nameservreply.c Made use of WINS subnet explicit.
nameservresp.c Updated copyright to 1997.
namework.c
Made use of WINS subnet explicit. Updated code to
add sync browser entries to add subnet parameter.
nmbd.c
Added sanity check for misconfigured nmbd.
nmblib.c Updated copyright to 1997.
nmblookup.c Updated copyright to 1997.
nmbsync.c
Removed redundent AM_ANY_MASTER check.
params.c Updated copyright to 1997.
password.c Updated copyright to 1997.
pipes.c Updated copyright to 1997.
predict.c Updated copyright to 1997.
printing.c Updated copyright to 1997.
proto.h
Changed protos for new nmbd code.
quotas.c Updated copyright to 1997.
replace.c Updated copyright to 1997.
reply.c Updated copyright to 1997.
server.c Updated copyright to 1997.
shmem.c Updated copyright to 1997.
smb.h Updated copyright to 1997.
smbencrypt.c Updated copyright to 1997.
smbpasswd.c Updated copyright to 1997.
smbrun.c Updated copyright to 1997.
status.c Updated copyright to 1997.
system.c Updated copyright to 1997.
testparm.c Updated copyright to 1997.
testprns.c Updated copyright to 1997.
time.c Updated copyright to 1997.
trans2.c Updated copyright to 1997.
trans2.h Updated copyright to 1997.
uid.c Updated copyright to 1997.
username.c Updated copyright to 1997.
util.c Updated copyright to 1997.
version.h
Changed to 1.9.17alpha1.
The biggest thing is the integration of Lukes new nmbd. Its still
largely untested, so we will really need some feedback
I've also added auto prototype generation and cleaned up a lot of
minor things as a result
